Freedom of information in the United Kingdom

• 77% of people say protecting their personal information is essential, research commissioned by the ICO has found.
• The ICO commissions annual track research to monitor changes in public attitude and perceptions and why these changes may occur.
• Information Commissioner, Elizabeth Denham said:

  This research is important to the ICO.

• ICO has also published its annual report today.

• The Information Commissioners Office (ICO) has fined Leeds-based Brazier Consulting Services Ltd (BCS) 200,000 for making more than 11 million unlawful claims management calls.
• An ICO investigation, prompted by complaints from the public, found the firm made repeated nuisance calls to people about PPI.
• Natasha Longson, ICO Investigations Manager, said:

  Its clear from the complaints we received that these calls caused real distress.

• Whats more, the firm continued to bombard people by phoning even when theyd been asked to stop.

Colleagues from the ICO’s FOI Directorate share their experiences and involvement in raising awareness of our regulation of access to information legislation.

Supporting you to meet your information access requests - 24 February 2021

• We speak regularly about supporting you to meet your requirements, and weve published two new products to help you achieve that goal.
• The new topic allows you to self-assess your performance when you refuse requests because they exceed the appropriate cost limit.
• At the same time, weve published top tips for dealing with information access requests.
• Born out of our London Boroughs work, the tips can be used across all organisations dealing with information access requests.
• We hope our resources prove useful and well continue to develop tools to help our information access colleagues in achieving their obligations.

Continued support to reflect these unprecedented times - 9 October 2020

• Our revised regulatory approach states that we will:
  • continue to accept new information access complaints;
  • expect public authorities, with request backlogs, to establish recovery plans to return to compliance with the Freedom of Information Act within a reasonable timeframe;
  • consider unpausing formal monitoring and regulatory action that was in train before the pandemic;
  • encourage public authorities to proactively publish important information; and
  • expect organisations to appreciate the ongoing importance of proper record keeping.
  • Informed by what we are being told by organisations, we have made further changes to our regulatory approach.
  • This marks another step towards returning to our pre COVID-19 approach, but with the caveats and exceptions that reflect the reality of these unprecedented times.
  • Our approach remains pragmatic and we will continue to support public authorities to ensure peoples information rights are protected.

FOI and coronavirus – preparing for recovery - 17 July 2020

• As the UKs response to COVID-19 continues to evolve towards recovery we have made changes to our adapted regulatory approach.
• To help with this we have launched an FOI toolkitdesigned to help public authorities self-assess performance in responding to FOI requests.
• We hope the toolkit will become a staple part of FOI practitioners continual learning and that it will promote good practice.
• We would also like to thank the Scottish Information Commissioner and his team for their assistance during the toolkits development stage.

How we will regulate freedom of information during coronavirus - 16 April 2020

• As the coronavirus crisis began to take hold, we blogged about the unprecedented challenges facing public authorities and how redirecting resources and switching priorities would impact on their compliance with freedom of information.
• The ICO has published a document setting out our regulatory approach during the COVID-19 pandemic.
• We will continue to support transparency in public decision making but our regulation of freedom of information must be pragmatic and empathetic during the pandemic.

FOI and the coronavirus: a measured approach - 16 March 2020

• In particular we understand that resources, whether they are finances or people, may be diverted away from usual compliance or information rights work.
• Whilst we cant extend statutory timescales, we will not be penalising public authorities for prioritising other areas or adapting their usual approach during this extraordinary period.
• We are a reasonable and pragmatic regulator, one that does not operate in isolation from matters of serious public concern.

Further Reading

What you hear, what you know - addressing common misconceptions of FOIA and EIR - 06 February 2020

Those of us working in public authorities have become accustomed to the processes of the Freedom of Information Act (FOIA), but the law may still seem complex for many members of the general public, so we need to be mindful of that when responding to people who make requests. This blog post sets out some common public misconceptions and explains how we can smooth the path for people wishing to exercise their information rights.

What you hear

I can use the Freedom of Information Act to request information from any organisation that receives public funding.

What you know

Just because you receive public funds, doesn’t mean you’re a public authority that falls within scope of the FOIA. Under FOIA, ‘public authority’ means any organisation listed in Schedule 1, designated under section 5 or a publicly-owned company as defined by section 6. Remember the FOIA may apply to information in the possession of other organisations, like contractors, who hold it on behalf of a public authority.

What you hear

The Freedom of Information Act and the Environmental Information Regulations can give me access to my personal data.

What you know

• As a public authority, you should explain that you need to handle this as a data protection subject access request under data protection legislation.
• Remember, personal information about a third party can be requested under FOIA or EIR, but you must consider whether disclosure of third party personal data would contravene data protection legislation.

What you hear

I want to make a request for information but I need to know if I use FOIA or EIR first.

What you know

You can’t refuse to deal with someone’s request simply because they don’t know which law to follow. It is your responsibility to process the request under the correct regime, and you should let the individual know which one their request falls under. You should also make it known, perhaps via your website, that people do not need to specify which regime they are making their request under.

What you hear

I’m only going to receive information from a public authority in the format that it was originally recorded.

What you know

• What is reasonably practicable will depend on factors such as how the information is held, the cost of complying with the preference, your resources and security.
• You may also charge a fee to cover the cost of communicating the information.
• If youre not communicating the information by the preferred means, it is good practice to discuss this with the individual to find an acceptable alternative.

ICO attends the second ICIC FOI case handling workshop -23 January 2020

• Update from our peers:
  • The Freedom of Information Act 2018 will soon be enacted in Gibraltar. Some key differences to our legislation include applicants must be over 18 and a resident of Gibraltar, an applicant must specify that the request is being made under the Freedom of Information Act and there is an application fee for making a request. The legislation does not currently have a cost limit threshold (similar to section 12 FOIA) however this is currently under discussion.
  • In Slovenia responses can be extended to 30 working days where ‘third party’ interests are involved to allow consultation on disclosure / the application of exceptions. When investigating complaints, Slovenian colleagues have the power to inspect and search premises and fines can be imposed if a body does not comply with an investigation or decision. There is no tribunal process to appeal a decision, if a body disagrees with a decision they can only challenge this through the courts.
  • The Cayman Islands highlighted a real culture shift to a much more pro-active release of information such as travel expenses and meeting minutes. In this jurisdiction, it was however interesting to hear that requests can be made using pseudonyms and that 80% of requests come from the media.
  • Hungary delivered an interesting presentation on the impact of the requirements of disclosure of information under other pieces of legislation and how this sits with its Freedom of Information law.
  • The Philippines explained that despite not having FOI legislation, almost all agencies implemented FOI and that they are currently in the process of applying to join the ICIC.
  • Hosted by the Gibraltar Regulatory Authority, the annual workshop provides an opportunity for different jurisdictions across the globe to share working practices and ideas.
  • ICO colleagues in attendance provide an overview of the event.
  • During the two day workshop a number of presentations, Q&A sessions, group discussions, and case studies took place and it was interesting to hear the similarities, but also the differences between the various information access regimes.
  • Our own guidance is beginning to be reviewed and updated, in line with Opennness by Design: The Information Commissioners strategic plan 2019/20-2021/22.
  • The ICO has recently been accepted as a member of the ICIC something that we would encourage all of our international colleagues to look into doing.

ICO accepted as an International Conference of Information Commissioners (ICIC) member - 09 January 2020

• Gill Bull, the ICOs Director of Freedom of Information Complaints and Compliance, notes a further milestone as the ICO is formally accepted as a member of the ICIC.
• Were delighted to start the decade by being formally accepted as a member to the ICIC, the global network that fosters the protection and promotion of access to information.
• Indeed in her recent speech for Mexico Citys National Transparency Week conference, Information Commissioner Elizabeth Denham said: Access to information is a growing right.
• By sharing our experience and expertise internationally we guard against that.Such a responsibility is an important part of the work of the International Conference of Information Commissioners the ICIC.
• We are a collective voice in the international community, raising awareness of issues that impact upon access to public informationCrucially, we discuss how to bring information access statute to life.
• Such a responsibility is an important part of the work of the International Conference of Information Commissioners the ICIC.
• We are a collective voice in the international community, raising awareness of issues that impact upon access to public information Crucially, we discuss how to bring information access statute to life.
• How are we working with people requesting information, to make the process as straightforward as possible?


We look forward to working with our international colleagues in the pursuit of protecting and promoting access to public information. We also encourage other Information Commissioners to join the growing ranks of the ICIC. It’s easy to do and further information is on the ICIC website.

Access to Information in Turbulent Times - 19 November 2019

• This is the first in a series of blog posts covering our regulation of access to information legislation.
• The first post is by Gill Bull, ICOs Director of Freedom of Information Complaints and Compliance, who delivered the 2019 Bond Lecture at the British Records Association on 13 November 2019.
• I wanted to use the lecture to reflect on the many intersections between the work of archivists and access to information within the context of everyday FOI.
• And of course I began by challenging the view that access to information can be seen as a dry topic and one that is principally about systems.
• I spoke about the role that access to information has in creating trust and in democracy itself and quoted UNESCOs Guy Berger who described access to information as an issue that goes with the grain of history.
• If were a public authority, its the publics information and while there will always be a request and receive aspect of access to information rights, I queried whether we need to start talking about a more fundamental duty to provide information.

• The Information Commissioner's Office (ICO) has launched a public consultation on its draft Statutory guidance, which details how it will regulate and enforce data protection legislation in the UK.
• Designed to ensure the rights and freedoms of individuals are protected, the draft guidance also seeks to provide assurance to business that the ICO will use its powers proportionately and consistently.
• Elizabeth Denham, Information Commissioner said:

  The primary role of my office is to protect the rights and freedoms of individuals in the digital age, and this draft guidance explains how my office will achieve this.

• A requirement of the Data Protection Act 2018, the draft Statutory guidance explains how the ICO will exercise its regulatory functions when issuing: information notices; assessment notices; enforcement notices and penalty notices.